# How to Prepare a Browser Bundle with I2P Torrenting and TOR for clearnet browsing

TOR is not encouraged to be used for torrenting. But I2P is designed to be torrented over and somewhat encouraged. It can also be used to browse special websites on I2P called "eepsites". The best way to enjoy I2P is to have a browser configured to use it. So I wanted to create a bundle that stays in a folder and can be used on any GNU/Linux distro.

I like the idea behind I2P but the default build requires having JDK installed on your machine. So I was interested in a solution that works without Java, so was looking into [i2pd](https://i2pd.website/), the C++ implementation of I2P.

----------

**WARNING:** The instructions are not designed for privacy and security in mind and should not be considered as reliable. You are responsible for how you use it and what you access with it. I'm not responsible for any kind of damage.

----------

When finished, you will be able to:

- Create a semi portable bundle folder that you can move around
- Browse websites in I2P network with i2pd (no Java needed)
- Torrent over I2P network (no Java needed and no leaks)
- Browse clearnet websites through TOR
- Automatically shuts down everything when you close browser (like TOR browser does)


## Step 1: Preparation

Make a directory somewhere. e.g. `~/i2p-bundle`

```
mkdir i2p-bundle
cd i2p-bundle
```


## Step 3: Prepare i2pd

[i2pd](https://i2pd.website/), is the C++ implementation of I2P.

You can also use a system install of i2pd, but if your distro doesn't have the package for it, then build from repo:

```
git clone --depth=1 https://github.com/PurpleI2P/i2pd.git
cd i2pd
make
# this will create a `i2pd` binary
cd ..
```

If you want to run i2pd now you can (optional):

```
ulimit -n 4096
i2pd/i2pd --datadir i2pd-data
```

The `ulimit` is [needed](https://i2pd.readthedocs.io/en/latest/user-guide/run/) on linux to increase open file limit. `i2pd-data` directory will be created and all the i2pd related data will be stored in there. Ctrl+C when done.


## Step 4: Prepare XD

XD is a BitTorrent client specifically created to be used with I2P (and I2Pd). It has a minimal webui to add and manage your torrents kind of like I2P snark.

Right now AUR has a [xd-torrent](https://aur.archlinux.org/packages/xd-torrent/). You may not have XD in your distro's repo, so we'll build from source. You may need to install `go` and `make` for this.

```
git clone --depth=1 https://github.com/majestrate/XD.git
cd XD
make
cd ..
```

To [run](https://xd-torrent.readthedocs.io/en/latest/user-guide/run/) you can do (optional):

```
mkdir XD-data
cd XD-data
../XD/XD torrents.ini; cd ..
```

XD related data should now be stored in `XD-data`. We `cd` into the directory because the default ini created will use current dir so we save ourselves from some edits. You should now be able to access the webui on `http://127.0.0.1:1776/`. You may have to whitelist blacklisted JS scripts from toolbar's LibreJS icon to use it. Ctrl+C when done.


## Step 5: TOR

You can build tor from source and put the files on a `tor` directory. Here, we're using the repo version installed from the distro package repo.

To run (optional):

```
tor --User "" --DataDirectory "$PWD/tor-data" --SOCKSPort 9450
```

`--User` is set to blank because setting a user requires tor to be run as root. `--DataDirectory` is set to the path where tor can save its files. It has `$PWD` included because tor complains if absolute path is not used in param. `--SOCKSPort` is set to the port which is included in FoxyProxy Standard config file.

If you want to use a `torrc` file to introduce new settings or for any other reason, copy the `tor-data/torrc` file in this directory to a new directory called `tor-data`. The file is just a standard torrc file with:

- `User tor` commented, so that it can be run as normal user
- `DataDirectory` set to our `tor-data`
- `SOCKSPort` to `9450` to not conflict with system service

The run command should then contain a `-f` option:

```
tor -f tor-data/torrc
```

## Step 6: Prepare the browser

I'm using IceCat here, but you can use any Firefox based browser here, even system installed ones. But whetever you use, be careful of the [privacy implications](https://privacytools.io/browsers/#browser).

Go to [IceCat homepage](https://www.gnu.org/software/gnuzilla/) and click "Latest release". Then download either `icecat-60.7.0.en-US.gnulinux-x86_64.tar.bz2` or `icecat-60.7.0.en-US.gnulinux-i686.tar.bz2` depending on your OS architecture (run `uname -m` to find out).

```
tar -xf /path/to/icecat-*.en-US.gnulinux-*.tar.bz2 -C ~/i2p-bundle
```

To run it:

```
mkdir -p icecat-data
icecat/icecat --no-remote --profile "$PWD/icecat-data"
```

`--no-remote` is to start a new separate instance and not to use any Firefox or other browser already running on the system.

Run it and disable **Onion Browser Button** addon (we'll use FoxyProxy instead). Now install [FoxyProxy Standard addon](https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/). Click the FoxyProxy icon, then click "Options", then click "Import settings". Under "Import Settings from FoxyProxy 6.0+" click "Import settings" and open the `FoxyProxy Standard presets.json` file. Click OK. If you see the FoxyProxy icon in the toolbar with a red cross, click it and select "Use Enabled Proxies by Patterns and Order".

In newer IceCat browser versions, if you enter an I2P url, for example, `stats.i2p` and it searches for it instead of going there, try adding `http://` before it, or you can disable searching from location bar by going to `about:config` and making `keyword.enabled` to `false`. As a side effect it will now not search anything you type. So, to make it easier to launch searches, you can go to **Settings - Search** and select "Add search bar in toolbar" to enable a separate search bar besides the location bar.

Get the `run-browser.sh` file from this directory and put it inside the `~/i2p-bundle` directory. Now, ideally, you should be able to move around this directory and use it on any Linux system. To run the browser with all the necessary I2Pd, XD and TOR, just run the `./run-browser.sh`

## To use Firefox under OpenBSD

If you want to use system Firefox installation you'll the profile resets every time Firefox starts, can't save settings, can't access HTTPS sites. It is due to unveil being strict. `/usr/local/share/doc/pkg-readmes/firefox` says that default unveil settings only allow firefox to access `/tmp` and `~/Downloads`. To fix this:

**NOTE:** We assume i2p browser bundle is in `~/bin/i2p-browser-bundle`. Change the paths if you put files elsewhere. Due to unveil being strict, it can't be that portable in OpenBSD (requiring changes everytime the bundle is moved).

`doas nano /etc/firefox/unveil.main`
```
...
~/bin/i2p-browser-bundle/firefox-data rwc
```

`doas nano /etc/firefox/unveil.content`
```
...
~/bin/i2p-browser-bundle/firefox-data r
```

Since Firefox has problematic default settings, please take care to configure correctly and then use.

## How to use yggdrasil with this bundle

**WARNING:** Yggdrasil was [not designed with anonimity](https://yggdrasil-network.github.io/faq.html#is-yggdrasil-anonymous) in mind. Directly peering with a node with [Yggdrasil may reveal your real IP address](https://yggdrasil-network.github.io/privacy.html#peerings) to them. Since it does not protect your identity, it is logical not to be included by default. Use only if you understand the risk and ok with it.

```
doas pkg_add yggdrasil-go  # replace with anything for your distro or system to install yggdrasil
cd /path/to/i2p-browser-bundle
mkdir yggdrasil-data
yggdrasil -genconf > yggdrasil-data/yggdrasil.conf
```

Go to <https://publicpeers.neilalexander.dev/> then pick the peers that are online and closer to you geographically. Yggdrasil can peer over I2P or TOR. So it is recommended to use those if possible. [Details here](https://github.com/yggdrasil-network/public-peers/tree/master/other). Unfortunately I2P and TOR peers don't work for me, at least in OpenBSD. In most cases listing 2-3 peers are fine. Add them to yggdrasil.conf, like:

```
Peers:
[
  tcp://a.b.c.d:e
  tcp://d.c.b.a:e
  tcp://[a:b:c::d]:e
  tcp://[d:c:b::a]:e
]
```

Run Yggdrasil with:

```
doas yggdrasil -useconffile yggdrasil-data/yggdrasil.conf
```

Now try visiting `http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/` with a normal unproxied browser (like BadWolf). It should show the Yggdrasil website.

However, to configure FoxyProxy, click its toolbar button and open its Options. Click Add, change the title to be "yggdrasil", Proxy Type to "Direct (no proxy)", click "Save and Edit Patterns". One single default rule will be added. Change Type to Reg Exp, change the pattern to be `[.*:.*:.*:.*:.*:.*]`, then hit Save. The yggdrasil rule should be the topmost item. Click the down arrow beside it until it is just below "Default" rule.

**Extra details:**

Running above `yggdrasil` should show a IPv6 address starting with `200:`, like:

```
Your IPv6 address is 200:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX
```

If you don't see it, you can run `doas yggdrasilctl getself` and it should show:

```
IPv6 address: 200:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX
...
```

ref:
- <https://yggdrasil-network.github.io/installation.html>
- <https://f-droid.org/en/packages/io.github.chronosx88.yggdrasil/>
- <https://wiki.archlinux.org/title/Yggdrasil>
